<?php
	require('./include/phpsqlajax_dbinfo.php');
	
	function parseToXML($htmlStr){
		$xmlStr=str_replace("&",'&amp;',$htmlStr);
		return $xmlStr; 
	}
	
	 // Opens a connection to a MySQL server.
	$connection = mysql_connect ($server, $username, $password);
	if (!$connection) 
	{
	  die('Not connected : ' . mysql_error());
	}
	
	// Sets the active MySQL database.
	$db_selected = mysql_select_db($database, $connection);
	if (!$db_selected) 
	{
	  die ('Can\'t use db : ' . mysql_error());
	}
	
	 //Set result charset to UTF-8
	 mysql_query('SET NAMES "utf8"');
	
	 // Selects all the rows in the markers table.
	 $query = 	'SELECT events.idEvents, events.name, events.description, eventcategories.eventcategory, 
				ROUND(events.fee,2) AS fee, events.date, events.street, events.nr, events.town, events.plz, 
				users.organization, users.email
				FROM events, eventcategories, events_has_eventcategories, users
				WHERE events_has_eventcategories.EventCategories_idEventCategories = eventcategories.idEventCategories 
				AND events_has_eventcategories.Events_idEvents = events.idEvents 
				AND users.idUsers = events.Users_idUsers ';
	
	$pattern = '/(^$|^[^",;]+$)/';
	
	if(
		isset($_POST['name']) && isset($_POST['eventsCategory']) && isset($_POST['date']) && 
	  	isset($_POST['street']) && isset($_POST['nr']) && isset($_POST['town'])
	  ){
		if(  	
			preg_match($pattern, $_POST['name']) && preg_match($pattern, $_POST['eventsCategory']) &&
	  		preg_match($pattern, $_POST['date']) && preg_match($pattern, $_POST['street']) &&
	  		preg_match($pattern, $_POST['nr']) && preg_match($pattern, $_POST['town'])	
		  ){
			if($_POST['name'] != ''){
				$query .= 	'AND events.name = "'.$_POST['name'].'" ';	
			}
			if($_POST['eventsCategory'] != ''){
				$query .= 	'AND eventcategories.eventcategory = "'.$_POST['eventsCategory'].'" ';	
			}
			if($_POST['date'] != ''){
				$query .= 	'AND events.date = "'.$_POST['date'].'" ';	
			}
			if($_POST['street'] != ''){
				$query .= 	'AND events.street = "'.$_POST['street'].'" ';
			}
			if($_POST['nr'] != ''){
				$query .= 	'AND events.nr = "'.$_POST['nr'].'" ';	
			}
			if($_POST['town'] != ''){
				$query .= 	'AND events.town = "'.$_POST['town'].'" ';	
			}
		}
		else{
			exit();	
		}	
	}
	else{
		exit();
	}
	
		 
	 $result = mysql_query($query);
	 if (!$result) 
	 {
	  die('Invalid query: ' . mysql_error());
	 }
	
	// Creates an array of strings to hold the lines of the XML file.
	header('Content-type: text/xml');
	$xml = array('<?xml version="1.0" encoding="UTF-8"?>');
	$xml[] = '<event_informations>';
	
	// Iterates through the rows, printing a node for each row.
	while ($row = @mysql_fetch_assoc($result)) 
	{
	  $xml[] = '<event id="'.$row['idEvents'].'">';
	  $xml[] = '<name>'.$row['name'].'</name>';
	  $xml[] = '<description>'.$row['description'].'</description>';	
	  $xml[] = '<eventcategory>'.$row['eventcategory'].'</eventcategory>';	
	  $xml[] = '<fee>'.$row['fee'].'</fee>';				
	  $xml[] = '<date>'.$row['date'].'</date>';
	  $xml[] = '<address>';
	  $xml[] = '<street>'.$row['street'].'</street>';	
	  $xml[] = '<nr>'.$row['nr'].'</nr>';
	  $xml[] = '<plz>'.$row['plz'].'</plz>';
	  $xml[] = '<town>'.$row['town'].'</town>';			
	  $xml[] = '</address>';
	  $xml[] = '</event>';		
	  $xml[] = '<organization>';
	  $xml[] = '<name>'.$row['organization'].'</name>';
	  $xml[] = '<contactinformation>';
	  $xml[] = '<email>'.$row['email'].'</email>';			
	  $xml[] = '</contactinformation>';
	  $xml[] = '</organization>';	  
	} 
	
	$xml[] = '</event_informations>';
	// End XML file
	$xmlOutput = join($xml);
	
	//Output XML file
	echo $xmlOutput;
?>